tools

package
v0.8.0
Warning

This package is not in the latest version of its module.
Published: Apr 1, 2025 License: MIT Imports: 12 Imported by: 0

Documentation


Constants

This section is empty.

Variables

var TrivyVersion = "v0.60.0"

TrivyVersion is the pinned Trivy release that InitializeTrivy installs. Adjust it as needed, but remember that pinning a version string only fixes which release you ask for; it does not authenticate what you receive. Decide how the downloaded archive will be verified (checksum against a pinned digest, or a signed checksum manifest) before the binary is trusted to run.

Functions

func InitializeTrivy

func InitializeTrivy() error

InitializeTrivy ensures Trivy is installed (downloading the pinned TrivyVersion if needed) and updates the local vulnerability database so scanning is current.
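The doc comments above leave checksum verification to the caller. The following is an added example, not code from the tools package, showing how a downloaded release archive can be checked against a sha256sum-style manifest (`<hex>  <filename>` per line). The manifest layout and the asset name `trivy_0.60.0_Linux-64bit.tar.gz` are assumptions for illustration; the archive bytes and manifest in `main` are constructed, not a real release.

```go
package main

import (
	"bufio"
	"bytes"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
	"strings"
)

// VerifyChecksum checks archive against the entry for archiveName in a
// sha256sum-style manifest ("<hex>  <filename>" per line; assumed layout).
// It returns nil only when the entry exists, is well formed, and its digest
// matches the archive bytes. Lines that are blank or malformed are skipped.
func VerifyChecksum(manifest []byte, archiveName string, archive []byte) error {
	want := ""
	sc := bufio.NewScanner(bytes.NewReader(manifest))
	for sc.Scan() {
		fields := strings.Fields(sc.Text())
		if len(fields) != 2 {
			continue
		}
		if fields[1] == archiveName {
			want = fields[0]
			break
		}
	}
	if want == "" {
		return fmt.Errorf("no checksum entry for %q", archiveName)
	}
	expected, err := hex.DecodeString(want)
	if err != nil || len(expected) != sha256.Size {
		return fmt.Errorf("malformed checksum for %q", archiveName)
	}
	sum := sha256.Sum256(archive)
	// Constant-time compare is not strictly required for a public digest,
	// but it costs nothing and avoids a habit of early-exit comparisons.
	if subtle.ConstantTimeCompare(sum[:], expected) != 1 {
		return fmt.Errorf("checksum mismatch for %q: got %x, want %s", archiveName, sum, want)
	}
	return nil
}

func main() {
	// Constructed inputs: a fake archive and a manifest built from its digest.
	const asset = "trivy_0.60.0_Linux-64bit.tar.gz" // assumed asset name
	archive := []byte("constructed archive bytes, not a real Trivy release")
	sum := sha256.Sum256(archive)
	manifest := []byte(fmt.Sprintf("%x  %s\n", sum, asset))

	fmt.Println("genuine archive:", VerifyChecksum(manifest, asset, archive))
	fmt.Println("tampered archive:", VerifyChecksum(manifest, asset, []byte("tampered")))
	fmt.Println("unknown asset:", VerifyChecksum(manifest, "missing.tar.gz", archive))
}
```

A manifest fetched from the same place as the archive only protects against a corrupt or truncated download. To defend against a compromised release channel, pin the expected digest next to TrivyVersion in your own code, or verify the manifest's signature before trusting it.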

func IntializeTooling

func IntializeTooling()

func TrivyScan

func TrivyScan(repoPath, repoName string) ([]core.Finding, error)

TrivyScan runs "trivy repo --format json" against the given path, parses the JSON report into a TrivyResult, keeps only vulnerabilities rated CRITICAL or HIGH that have no fixed version, and returns them as Findings tagged with repoName. You can adjust the filtering logic or add flags to the Trivy command as needed.

Types

type TrivyResult

type TrivyResult struct {
	Results []struct {
		Target          string `json:"Target"`
		Class           string `json:"Class"`
		Type            string `json:"Type"`
		Vulnerabilities []struct {
			VulnerabilityID  string `json:"VulnerabilityID"`
			PkgName          string `json:"PkgName"`
			InstalledVersion string `json:"InstalledVersion"`
			FixedVersion     string `json:"FixedVersion"`
			Severity         string `json:"Severity"`
			Title            string `json:"Title"`
			Description      string `json:"Description"`
		} `json:"Vulnerabilities"`
	} `json:"Results"`
}

TrivyResult is the subset of Trivy's JSON report that TrivyScan unmarshals. You can expand or trim fields depending on what you care about; unknown fields in the report are ignored by encoding/json.
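The parse-and-filter step that TrivyScan performs on the TrivyResult shape is shown below as an added example, not the package's own code. It uses the same struct layout as TrivyResult, applies the documented filter (CRITICAL or HIGH, no FixedVersion), and also handles a report whose `Results` is null or absent, which Trivy can produce when nothing is found. `Finding` here is a local stand-in for `core.Finding`, whose fields this page does not show, and `sampleReport` is constructed input with placeholder identifiers, not real scanner output.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Finding is a stand-in for core.Finding (assumed shape; not from the package).
type Finding struct {
	Repo, Target, VulnID, Pkg, Installed, Severity, Title string
}

// trivyResult mirrors the TrivyResult struct documented above.
type trivyResult struct {
	Results []struct {
		Target          string `json:"Target"`
		Class           string `json:"Class"`
		Type            string `json:"Type"`
		Vulnerabilities []struct {
			VulnerabilityID  string `json:"VulnerabilityID"`
			PkgName          string `json:"PkgName"`
			InstalledVersion string `json:"InstalledVersion"`
			FixedVersion     string `json:"FixedVersion"`
			Severity         string `json:"Severity"`
			Title            string `json:"Title"`
			Description      string `json:"Description"`
		} `json:"Vulnerabilities"`
	} `json:"Results"`
}

// FilterTrivyOutput parses a Trivy JSON report and returns the CRITICAL/HIGH
// vulnerabilities that have no fixed version, which is the filter TrivyScan
// documents. A null or missing Results array yields no findings, not an error.
func FilterTrivyOutput(repoName string, report []byte) ([]Finding, error) {
	var r trivyResult
	if err := json.Unmarshal(report, &r); err != nil {
		return nil, fmt.Errorf("parse trivy output: %w", err)
	}
	var out []Finding
	for _, res := range r.Results {
		for _, v := range res.Vulnerabilities {
			if v.Severity != "CRITICAL" && v.Severity != "HIGH" {
				continue
			}
			if v.FixedVersion != "" {
				continue // a fix exists; excluded by the documented filter
			}
			out = append(out, Finding{
				Repo: repoName, Target: res.Target, VulnID: v.VulnerabilityID,
				Pkg: v.PkgName, Installed: v.InstalledVersion,
				Severity: v.Severity, Title: v.Title,
			})
		}
	}
	return out, nil
}

// sampleReport is constructed, Trivy-shaped input with placeholder IDs.
// Only EXAMPLE-0001 (CRITICAL, no fix) and EXAMPLE-0004 (HIGH, no fix) pass.
const sampleReport = `{
  "Results": [
    {"Target": "go.mod", "Class": "lang-pkgs", "Type": "gomod", "Vulnerabilities": [
      {"VulnerabilityID": "EXAMPLE-0001", "PkgName": "example.com/libfoo", "InstalledVersion": "1.2.3",
       "FixedVersion": "", "Severity": "CRITICAL", "Title": "constructed critical, no fix", "Description": "constructed"},
      {"VulnerabilityID": "EXAMPLE-0002", "PkgName": "example.com/libbar", "InstalledVersion": "0.9.0",
       "FixedVersion": "0.9.1", "Severity": "HIGH", "Title": "constructed high, fix available", "Description": "constructed"},
      {"VulnerabilityID": "EXAMPLE-0003", "PkgName": "example.com/libbaz", "InstalledVersion": "2.0.0",
       "FixedVersion": "", "Severity": "MEDIUM", "Title": "constructed medium, no fix", "Description": "constructed"}
    ]},
    {"Target": "requirements.txt", "Class": "lang-pkgs", "Type": "pip", "Vulnerabilities": [
      {"VulnerabilityID": "EXAMPLE-0004", "PkgName": "qux", "InstalledVersion": "3.1.0",
       "FixedVersion": "", "Severity": "HIGH", "Title": "constructed high, no fix", "Description": "constructed"}
    ]}
  ]
}`

func main() {
	findings, err := FilterTrivyOutput("demo-repo", []byte(sampleReport))
	if err != nil {
		panic(err)
	}
	for _, f := range findings {
		fmt.Printf("%s %s %s %s@%s (%s)\n", f.Repo, f.Target, f.VulnID, f.Pkg, f.Installed, f.Severity)
	}
}
```

If you later change the filter, keep the decision explicit in one place: the two `continue` branches are where "which vulnerabilities become findings" lives, and a reviewer should be able to audit that policy without reading the rest of the scan pipeline.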
